- useradd: modify check ID range for system users

- Fix release sources
- Add subid requirement for subid-devel

Resolves: #2004911

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
This commit is contained in:
Iker Pedrosa 2022-04-22 15:13:49 +02:00
parent 4b31c38f8e
commit 1fa6b1e5d5
2 changed files with 31 additions and 3 deletions

View File

@ -0,0 +1,19 @@
diff -up shadow-4.9/src/useradd.c.useradd-modify-check-ID-range-for-system-users shadow-4.9/src/useradd.c
--- shadow-4.9/src/useradd.c.useradd-modify-check-ID-range-for-system-users 2022-04-22 14:50:10.658371270 +0200
+++ shadow-4.9/src/useradd.c 2022-04-22 14:54:34.810100549 +0200
@@ -2319,12 +2319,10 @@ static void check_uid_range(int rflg, ui
{
uid_t uid_min ;
uid_t uid_max ;
- if(rflg){
- uid_min = (uid_t)getdef_ulong("SYS_UID_MIN",101UL);
+ if (rflg) {
uid_max = (uid_t)getdef_ulong("SYS_UID_MAX",getdef_ulong("UID_MIN",1000UL)-1);
- if(uid_min <= uid_max){
- if(user_id < uid_min || user_id >uid_max)
- fprintf(stderr, _("%s warning: %s's uid %d outside of the SYS_UID_MIN %d and SYS_UID_MAX %d range.\n"), Prog, user_name, user_id, uid_min, uid_max);
+ if (user_id > uid_max) {
+ fprintf(stderr, _("%s warning: %s's uid %d is greater than SYS_UID_MAX %d\n"), Prog, user_name, user_id, uid_max);
}
}else{
uid_min = (uid_t)getdef_ulong("UID_MIN", 1000UL);

View File

@ -1,12 +1,12 @@
Summary: Utilities for managing accounts and shadow password files Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils Name: shadow-utils
Version: 4.9 Version: 4.9
Release: 3%{?dist} Release: 4%{?dist}
Epoch: 2 Epoch: 2
License: BSD and GPLv2+ License: BSD and GPLv2+
URL: https://github.com/shadow-maint/shadow URL: https://github.com/shadow-maint/shadow
Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz Source0: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz
Source1: https://github.com/shadow-maint/shadow/releases/download/%{version}/shadow-%{version}.tar.xz.asc Source1: https://github.com/shadow-maint/shadow/releases/download/v%{version}/shadow-%{version}.tar.xz.asc
Source2: shadow-utils.useradd Source2: shadow-utils.useradd
Source3: shadow-utils.login.defs Source3: shadow-utils.login.defs
Source4: shadow-bsd.txt Source4: shadow-bsd.txt
@ -67,6 +67,8 @@ Patch22: shadow-4.9-newgrp-fix-segmentation-fault.patch
Patch23: shadow-4.9-getsubids.patch Patch23: shadow-4.9-getsubids.patch
# https://github.com/shadow-maint/shadow/commit/a757b458ffb4fb9a40bcbb4f7869449431c67f83 # https://github.com/shadow-maint/shadow/commit/a757b458ffb4fb9a40bcbb4f7869449431c67f83
Patch24: shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch Patch24: shadow-4.9-groupdel-fix-sigsegv-when-passwd-does-not-exist.patch
# https://github.com/shadow-maint/shadow/commit/f1f1678e13aa3ae49bdb139efaa2c5bc53dcfe92
Patch25: shadow-4.9-useradd-modify-check-ID-range-for-system-users.patch
### Dependencies ### ### Dependencies ###
Requires: audit-libs >= 1.6.5 Requires: audit-libs >= 1.6.5
@ -120,6 +122,7 @@ Utility library that provides a way to manage subid ranges.
%package subid-devel %package subid-devel
Summary: Development package for shadow-utils-subid Summary: Development package for shadow-utils-subid
License: BSD and GPLv2+ License: BSD and GPLv2+
Requires: shadow-utils-subid = %{epoch}:%{version}-%{release}
%description subid-devel %description subid-devel
Development files for shadow-utils-subid. Development files for shadow-utils-subid.
@ -151,6 +154,7 @@ Development files for shadow-utils-subid.
%patch22 -p1 -b .newgrp-fix-segmentation-fault %patch22 -p1 -b .newgrp-fix-segmentation-fault
%patch23 -p1 -b .getsubids %patch23 -p1 -b .getsubids
%patch24 -p1 -b .groupdel-fix-sigsegv-when-passwd-does-not-exist %patch24 -p1 -b .groupdel-fix-sigsegv-when-passwd-does-not-exist
%patch25 -p1 -b .useradd-modify-check-ID-range-for-system-users
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO cp -f doc/HOWTO.utf8 doc/HOWTO
@ -321,6 +325,11 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
%{_libdir}/libsubid.so %{_libdir}/libsubid.so
%changelog %changelog
* Fri Apr 22 2022 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-4
- useradd: modify check ID range for system users. Resolves: #2004911
- Fix release sources
- Add subid requirement for subid-devel
* Thu Dec 2 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-3 * Thu Dec 2 2021 Iker Pedrosa <ipedrosa@redhat.com> - 2:4.9-3
- getsubids: provide system binary and man page. Resolves: #2013015 - getsubids: provide system binary and man page. Resolves: #2013015
- useradd: generate home and mail directories with selinux user attribute. Resolves: #1993081 - useradd: generate home and mail directories with selinux user attribute. Resolves: #1993081